2015-11-12 07:49:44

by Corentin Labbe

Subject: [PATCH] mtd: nand: atmel_nand: fix a possible NULL dereference

of_match_device could return NULL, and so cause a NULL pointer
dereference later.

Signed-off-by: LABBE Corentin <[email protected]>
---
drivers/mtd/nand/atmel_nand.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
index 475c938..f3cf68b 100644
--- a/drivers/mtd/nand/atmel_nand.c
+++ b/drivers/mtd/nand/atmel_nand.c
@@ -1495,9 +1495,12 @@ static int atmel_of_init_port(struct atmel_nand_host *host,
int ecc_mode;
struct atmel_nand_data *board = &host->board;
enum of_gpio_flags flags = 0;
+ const struct of_device_id *of_id;

- host->caps = (struct atmel_nand_caps *)
- of_match_device(atmel_nand_dt_ids, host->dev)->data;
+ of_id = of_match_device(atmel_nand_dt_ids, host->dev);
+ if (!of_id)
+ return -ENODEV;
+ host->caps = of_id->data;

if (of_property_read_u32(np, "atmel,nand-addr-offset", &val) == 0) {
if (val >= 32) {
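
Review bot: The added assignment `host->caps = of_id->data;` drops the `(struct atmel_nand_caps *)` cast that the removed lines carried, so a const-qualified `data` pointer is now stored into a non-const `caps` field. This is what produces the "assignment discards 'const' qualifier" warning. Declaring the `caps` member of `struct atmel_nand_host` as `const struct atmel_nand_caps *` is the cleaner fix, since the match data should not be written through. Restoring an explicit cast would only hide the qualifier mismatch.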
--
2.4.10


2015-11-12 08:29:59

by Joachim Eastwood

Subject: Re: [PATCH] mtd: nand: atmel_nand: fix a possible NULL dereference

On 12 November 2015 at 08:49, LABBE Corentin <[email protected]> wrote:
> of_match_device could return NULL, and so cause a NULL pointer
> dereference later.
>
> Signed-off-by: LABBE Corentin <[email protected]>
> ---
> drivers/mtd/nand/atmel_nand.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
> index 475c938..f3cf68b 100644
> --- a/drivers/mtd/nand/atmel_nand.c
> +++ b/drivers/mtd/nand/atmel_nand.c
> @@ -1495,9 +1495,12 @@ static int atmel_of_init_port(struct atmel_nand_host *host,
> int ecc_mode;
> struct atmel_nand_data *board = &host->board;
> enum of_gpio_flags flags = 0;
> + const struct of_device_id *of_id;
>
> - host->caps = (struct atmel_nand_caps *)
> - of_match_device(atmel_nand_dt_ids, host->dev)->data;
> + of_id = of_match_device(atmel_nand_dt_ids, host->dev);
> + if (!of_id)
> + return -ENODEV;
> + host->caps = of_id->data;
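
Review bot: The `if (!of_id)` branch returns `-ENODEV` without logging anything, so a failed match leaves no trace of why `atmel_of_init_port()` stopped. A `dev_err(host->dev, ...)` before the return, in the style this function already uses for the invalid `atmel,nand-addr-offset` case, would make the failure diagnosable.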

It might be cleaner to use of_device_get_match_data() here.


regards,
Joachim Eastwood

2015-11-12 09:07:31

by kernel test robot

Subject: Re: [PATCH] mtd: nand: atmel_nand: fix a possible NULL dereference

Hi LABBE,

[auto build test WARNING on mtd/master]
[also build test WARNING on v4.3 next-20151112]

url: https://github.com/0day-ci/linux/commits/LABBE-Corentin/mtd-nand-atmel_nand-fix-a-possible-NULL-dereference/20151112-155258
base: git://git.infradead.org/linux-mtd.git master
config: arm-at91_dt_defconfig (attached as .config)
reproduce:
wget https://git.kernel.org/cgit/linux/kernel/git/wfg/lkp-tests.git/plain/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# save the attached .config to linux build tree
make.cross ARCH=arm

All warnings (new ones prefixed by >>):

drivers/mtd/nand/atmel_nand.c: In function 'atmel_of_init_port':
>> drivers/mtd/nand/atmel_nand.c:1503:13: warning: assignment discards 'const' qualifier from pointer target type
host->caps = of_id->data;
^

vim +/const +1503 drivers/mtd/nand/atmel_nand.c

1487
1488 static const struct of_device_id atmel_nand_dt_ids[];
1489
1490 static int atmel_of_init_port(struct atmel_nand_host *host,
1491 struct device_node *np)
1492 {
1493 u32 val;
1494 u32 offset[2];
1495 int ecc_mode;
1496 struct atmel_nand_data *board = &host->board;
1497 enum of_gpio_flags flags = 0;
1498 const struct of_device_id *of_id;
1499
1500 of_id = of_match_device(atmel_nand_dt_ids, host->dev);
1501 if (!of_id)
1502 return -ENODEV;
> 1503 host->caps = of_id->data;
1504
1505 if (of_property_read_u32(np, "atmel,nand-addr-offset", &val) == 0) {
1506 if (val >= 32) {
1507 dev_err(host->dev, "invalid addr-offset %u\n", val);
1508 return -EINVAL;
1509 }
1510 board->ale = val;
1511 }

---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation


Attachments:
(No filename) (1.81 kB)
.config.gz (19.54 kB)

2015-11-12 09:29:11

by Corentin Labbe

Subject: Re: [PATCH] mtd: nand: atmel_nand: fix a possible NULL dereference

On Thu, Nov 12, 2015 at 09:29:57AM +0100, Joachim Eastwood wrote:
> On 12 November 2015 at 08:49, LABBE Corentin <[email protected]> wrote:
> > of_match_device could return NULL, and so cause a NULL pointer
> > dereference later.
> >
> > Signed-off-by: LABBE Corentin <[email protected]>
> > ---
> > drivers/mtd/nand/atmel_nand.c | 7 +++++--
> > 1 file changed, 5 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/mtd/nand/atmel_nand.c b/drivers/mtd/nand/atmel_nand.c
> > index 475c938..f3cf68b 100644
> > --- a/drivers/mtd/nand/atmel_nand.c
> > +++ b/drivers/mtd/nand/atmel_nand.c
> > @@ -1495,9 +1495,12 @@ static int atmel_of_init_port(struct atmel_nand_host *host,
> > int ecc_mode;
> > struct atmel_nand_data *board = &host->board;
> > enum of_gpio_flags flags = 0;
> > + const struct of_device_id *of_id;
> >
> > - host->caps = (struct atmel_nand_caps *)
> > - of_match_device(atmel_nand_dt_ids, host->dev)->data;
> > + of_id = of_match_device(atmel_nand_dt_ids, host->dev);
> > + if (!of_id)
> > + return -ENODEV;
> > + host->caps = of_id->data;
>
> It might be cleaner to use of_device_get_match_data() here.
>

I agree, I will resend shortly with it.
And this time, I won't forget the patch which permits suppressing the kbuild_robot warning.

Regards

LABBE Corentin